diff --git a/.github/workflows/linters.yml b/.github/workflows/linters.yml
index b50f9c1..7944713 100644
--- a/.github/workflows/linters.yml
+++ b/.github/workflows/linters.yml
@@ -4,7 +4,8 @@ name: MegaLinter
 on:
   push:
   pull_request:
-    branches: main
+    branches: 
+    - main
 
 concurrency:
   group: ${{ github.ref }}-${{ github.workflow }}
diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml
index d214448..8a992ca 100644
--- a/.github/workflows/validate.yml
+++ b/.github/workflows/validate.yml
@@ -11,7 +11,6 @@ on:
 jobs:
   test:
     name: Evaluate components
-    if: ${{ github.event.pull_request.base.repo.url == github.event.pull_request.head.repo.url }}
     runs-on: ubuntu-latest
     permissions:
       contents: read
@@ -28,9 +27,12 @@ jobs:
           oscal_model: "compdef"
           check_only: true
   
+  # Only autofix if the test job fails and the PR is from the same repo
   call-autofix:
     needs: [test]
-    if: ${{ always() && contains(needs.*.result, 'failure') }}
+    if: |
+      always() && contains(needs.*.result, 'failure')
+      && github.event.pull_request.base.repo.url == github.event.pull_request.head.repo.url
     uses: ./.github/workflows/autofix-cd.yml
     with:
       branch: ${{ github.head_ref }}